|And there's a nuther dill . . .
||[Feb. 17th, 2016|05:22 pm]
Phrembah (a potato-like mystery)
I have actually written programs for encrypting/decrypting data. I used the AES256 algorithm developed by the NSA and published by the National Institute of Standards and Technology (NIST), the erstwhile NBS. You'll still hear old farts refer to "NBS time," the super accurate time signals from various Naval Observatories broadcast by the "National Bureau of Standards" on uber-powerful radio stations maintained strictly for that purpose. Nowadays you can get more accurate time than that from the GPS receiver in your cell phone, but I digress . . .
The government publishes these encryption standards that are supposedly unbreakable by a brute force attack by an infinite number of super-computers working for an infinite number of years. My attitude was always, "Yeah, sure, what about a non-brute-force attack?" Along the lines of the old defense industry adage, "How do you defeat a missile defense system? Don't use a missile." I always assumed that NSA would not have put an encryption standard out there that they could not break. I always considered my best defense to remain as uninteresting as possible; stay off the fuckin' radar for chrissake; they have so much bigger fish to fry. So, I always assumed that if NSA wanted to peek at my paltry little password list encrypted by my homespun encryption program, they could very easily do so. What's more, they could probably do so without me ever knowing they had peeked.
So the point of all this is that it surprised me that, in the case of the Encrypted Terrorist Telephone, the government needs any help from Apple in unlocking it. I'm surprised that they allowed the existence of an encryption algorithm they had not already broken. The other thing that surprises me is that they, and apparently Apple too, think that Apple could do anything now. I always understood that "back doors" had to be in place prior to encryption for you to be able to use them to decrypt stuff. The nature of the argument confounds me some, but I'll just let them duke it out while I keep my head down, way off the fucking radar.
[Edit 2016.03.02]: Listening to the news today, apparently the FBI does not talk to the NSA or vise versa and the FBI itself is not technically competent enough to write the software to crack the phone encryption. Apparently, Apple has the password entry set up so that, after ten unsuccessful tries, it shuts the phone off for a time, thus making brute force attacks impractical. The FBI wants Apple to write an update to the OS that would remove that feature so that they can launch a brute force password attack against the phone. It seems there was no back door to the encryption algorithm and writing one now wouldn't help, just as I thought. So, it has to do with Apple refusing to help, but it also has an FBI-incompetence component to it. Now I wonder: Even if the FBI does not have the the techno-huevos to hack the phone OS, who's to say that somebody besides Apple does not? Hmmmm . . .
You have to remember that with serious, politically transcendent spooks like the NSA, their biggest secret is information pertaining to just what they're capable of. Seriously. There's a very-non-zero chance that the NSA would just let the FBI flounder and spiz to avoid having it get out that they've been listening to encrypted iPhones since there were iPhones. It would not surprise me if the NSA already knows there's nothing of crucial interest on the phone in question.
[Edit 2016.03.14]: And there's more! And I'm righter than ever I thought I could be! Richard Clark, Security Poobah for two (count 'em: two!) presidential administrations, says that he's sure the NSA could crack the phone (if they haven't already) if that was what the FBI wanted, but that the FBI is almost certainly going for a legal precedent that will allow them to impress private companies into service when they want tech prowess for free.
[Edit 2016.03.23]: And am I omniscient or what? The FBI now says they will probably drop the whole deal against Apple because there are other parties who can modify the iPhone OS to allow access to the phone's memory or at least enable a brute-force password attack. Whatever Apple could have possibly done can be done by someone else with fewer scruples, someone who is more invested in proving their technical prowess than their dedication to ethics. Fine. Everyone who's not already dead is happy.
[Edit 2016.04.01]: The fourth party player in the whole FBI/Apple/terrorista shananigan is an Israeli company who the FBI has used before. Seems the FBI isn't nearly as omniscient or omnipotent as I/we had always assumed. They're devaluing my omnicience, damn it! When it's not any harder than it is to be smarter than they are. Geez . . .